Forum Discussion

aniketvpandey's avatar
aniketvpandey
Copper Contributor
Aug 07, 2020

Azure ATP sensor : Could not create SSL/TLS secure channel

Hi All,   I have multiple DC on which Azure ATP sensor is working fine, however on one of Domain controller 2008 R2 server it is throwing below error   Error ExceptionHandler Microsoft.Tri.Infras...
EliOfek's avatar
EliOfek
Icon for Microsoft rankMicrosoft
Aug 07, 2020

aniketvpandey something is blocking proper TLS communication on localhost between the sensor process and the updater process.

 

aniketvpandey's avatar
aniketvpandey
Copper Contributor
Aug 08, 2020

EliOfek thanks for your advise, anything you would like to advise, it was working before?

 

I have checked TLS 1.2 enabled

  • EliOfek's avatar
    EliOfek
    Icon for Microsoft rankMicrosoft
    Aug 08, 2020

    aniketvpandey 

     

    The TLS communication is on localhost :444, any chance there is a new FW rule that cause issues?

     

    Some of the cases we know about were resolved by making sure these registry values are set to 0 (1 is not the default)

     

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL]

    "DisableRenegoOnServer"=dword:00000001

    "DisableRenegoOnClient"=dword:00000001

     

    Was ADFS installed on this machine by any chance?

     

     

    • Sebastien65's avatar
      Sebastien65
      Copper Contributor
      Apr 13, 2022

      EliOfek 

      Hello,
      I have the same problem on ADFS Sensor. It's Windows server 2019.
      I didn't have problem on the Domain Controller just on ADFS.

       

      The service Update is running but not the service AATPSensor. It just starting again and again.

      Can you help me?

       

      Error:

      2022-04-13 08:03:19.6535 Error ExceptionHandler Microsoft.Tri.Infrastructure.ExtendedException: RestrictCpuAsync failed, exiting ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
      at Stream System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, out TransportContext context)
      at void System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
      --- End of inner exception stack trace ---
      at async Task<HttpResponseMessage> System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task<HttpResponseMessage> sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
      at async Task<TResponse> Microsoft.Tri.Common.CommunicationWebClient.SendAsync<TResponse>(byte[] requestBytes, int offset, int count)
      at async Task<TResponse> Microsoft.Tri.Common.CommunicationWebClient.SendWithRetryAsync<TResponse>(byte[] requestBytes, int offset, int count)
      at async Task Microsoft.Tri.Common.CommunicationWebClient.SendAsync(IVoidRequest request)
      at async Task Microsoft.Tri.Sensor.Common.ServiceProxy<TWebClientConfiguration>.SendAsync(IVoidRequest request)
      at async Task Microsoft.Tri.Sensor.SensorResourceManager.RestrictCpuAsync()
      --- End of inner exception stack trace ---

       

      • Sebastien65's avatar
        Sebastien65
        Copper Contributor
        Apr 13, 2022
        I have this error on updater but the service is running.

        2022-04-13 08:04:13.8606 Error ServiceControllerExtension ChangeServiceStatus failed to change service status [name=AATPSensor status=Running Exception=System.ServiceProcess.TimeoutException: Time out has expired and the operation has not been completed.
        at System.ServiceProcess.ServiceController.WaitForStatus(ServiceControllerStatus desiredStatus, TimeSpan timeout)
        at Microsoft.Tri.Infrastructure.ServiceControllerExtension.ChangeServiceStatus(String name, ServiceControllerStatus status, TimeSpan timeout, Nullable`1 awaitedStatus)]

Resources